﻿using System;
using System.Data;
using System.Configuration;
using System.Web;
using EHSubmit.Model;

namespace EHSubmit.Logic
{
    /// <summary>
    /// 统一身份验证基础类
    /// </summary>
    public abstract class BasePage : System.Web.UI.Page
    {
        /// <summary>
        /// 重写Page的OnLoad方法以控制用户访问
        /// </summary>
        /// <param name="e"></param>
        protected override void OnLoad(EventArgs e)
        {
            switch (CheckUser())
            {
                case EAuthenticateResult.AccessDeny:
                    Response.Redirect(NoAccessPage);
                    return;
                case EAuthenticateResult.NotLogged:
                    Response.Redirect(LoginPage);
                    return;
                case EAuthenticateResult.Passed:
                    break;
                default:
                    Response.Redirect(LoginPage);
                    return;
            }
            // cacheable ?
            if (NoCache)
            {
                Response.Cache.SetExpires(DateTime.MinValue);
                Response.Cache.SetCacheability(HttpCacheability.NoCache);
                Response.Cache.SetVaryByCustom("browser");
                Response.Cache.SetValidUntilExpires(true);
            }
            base.OnLoad(e);
        }
        
        
        
        
        /// <summary>
        /// 用户类型
        /// </summary>
        public enum ERole
        {
            /// <summary>
            /// 管理员
            /// </summary>
            Admin = 0,
            /// <summary>
            /// 教师
            /// </summary>
            Teacher = 1,
            /// <summary>
            /// 学生
            /// </summary>
            Student = 2
        }


        /// <summary>
        /// 身份验证结果
        /// </summary>
        protected enum EAuthenticateResult
        {
            /// <summary>
            /// 通过验证
            /// </summary>
            Passed,
            /// <summary>
            /// 用户已经登录，但是没有权限访问此页面
            /// </summary>
            AccessDeny,
            /// <summary>
            /// 用户没有登录
            /// </summary>
            NotLogged
        }

        private ERole _desiredRole = ERole.Admin;         // 默认要求管理员登录
        public ERole DesiredRole
        {
            set { this._desiredRole = value; }
            get { return this._desiredRole; }
        }
        /// <summary>
        /// the URL to redirect when user identification failed.
        /// default to ~/Login.aspx
        /// </summary>
        private string _loginPage = "~/Login.aspx";
        public string LoginPage
        {
            set { this._loginPage = value; }
            get { return this._loginPage; }
        }

        string _noAccessPage = "~/Error.html";
        public string NoAccessPage
        {
            get { return _noAccessPage; }
            set { _noAccessPage = value; }
        }

        /// <summary>
        /// 获得/设置SESSION中用户对象存放的键
        /// </summary>
        string _sessUserKey = Constants.SESS_USER_KEY;
        public string SessUserKey
        {
            get { return _sessUserKey; }
            set { _sessUserKey = value; }
        }

        bool _noCache = false;
        /// <summary>
        /// 是否在用户浏览器中缓存此页。默认不缓存。
        /// </summary>
        public bool NoCache
        {
            get { return _noCache; }
            set { _noCache = value; }
        }

        public User CurrentUser
        {
            get { return GetCurrentUser(); }
            //set { _currentUser = value; }      // 有待完善
        }


        /// <summary>
        /// 验证当前用户是否有访问此页面的权限。
        /// </summary>
        /// <returns>验证结果</returns>
        virtual protected EAuthenticateResult CheckUser()
        {
            // verify identity of the visitor
            User u = GetCurrentUser();

            if (u == null)
            {
                return EAuthenticateResult.NotLogged;
            }

            if (u.RoleId == (int)DesiredRole)
            {
                return EAuthenticateResult.Passed;
            }
            else    // u.RoleId != DesiredRole
            {
                return EAuthenticateResult.AccessDeny;
            }

        }


        /// <summary>
        /// 获取存放在当前Session中的AbstractUser对象。
        /// </summary>
        /// <returns>如果存在，则为先前存放的User对象；否则为null</returns>
        public User GetCurrentUser()
        {
            return Session[SessUserKey] as User;   // as运算符：如果不存在或无法进行转换，则返回null 而非引发异常
        }

    }
}